Microsoft has decided it’s time to stop asking us to remember complex and unique passwords in order to access our apps and services. So starting today, you no longer need a password for your Microsoft account.
No passwords doesn’t mean less security, though. Microsoft has simply replaced them with four alternatives: the Microsoft Authenticator app, Windows Hello, a physical security key, or a verification code sent to your phone or via email. They all take a few seconds to use, but don’t require you to remember a complex sequence of characters.
Microsoft made the change not just for user convenience, but because passwords are a point of vulnerability, says Vasu Jakkal, CVP of Microsoft Security, Compliance & Identity, who points to passwords as the entry point for most attacks across enterprise and consumer accounts. There’s “a whopping 579 password attacks every second—that’s 18 billion every year,” she says.
If you’d like to remove your Microsoft account password, install the Microsoft Authenticator app on your Android or iOS device. After that, visit account.microsoft.com and sign in as you normally would, then navigate to Advanced Security Options and access the “Additional Security” section. There, you’ll see a “Passwordless Account” option, which you can turn on. The on-screen prompts will then guide you through the process of removing the account password with the help of the Authenticator app.
If the thought of removing the password fills you with concern, don’t worry. Microsoft allows you to revert back to using a password by turning off the Passwordless Account option, so give it a go and see if you like it.
